I am using a Forticlient SSL-VPN split tunnel but want to route access to a certain web address through it as well.
How do I accomplish this?
For example https://url.com can only be accessed coming from Fortigate's WAN IP, so when I travel I want to be able to use the SSL-VPN Forticlient to connect to it.
I tried to add the FQDN in VPN > SSL-VPN Portals > full-access > Routing Address but its not working.
I guess, since you have already enabled the Split tunneling, you would now see an option "ROUTING ADDRESS" which is located straight below the SPLIT TUNNEL.
You can now add a FQDN there and those(SSL users) traffic goes to that particular URL will be redirected to go through the tunnel!
Thanks and If I'm wrong, please correct me!
Yes exactly, I tried to add the IP for the web address in "ROUTING ADDRESS" but it did not work.
Were you able to configure the FQDN address for split tunnel? When I tried, creating an FQDN address object then tried to append it to existing addresses with "append split-tunneling-routing-address ?" at the portal config, it doesn't show up in the candidate list. Mine is v6.0.7 now. I'm afraid FQDN might not be supported.
I was not able to add FQDN to routing addresses no and I am also on 6.0.7.
You mentioned even when you added IP it didn't work. First thing to check is "route print" or "netstat -nr" at your client machine. If not, the ssl vpn config has a problem. If it's there, likely the policy is not allowing.
This was resolved by creating the firewall policy properly, which also needs NAT enabled. It works fine now.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.